NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

ross_fletcher's avatar
ross_fletcher
Aspirant
Aug 13, 2021

ReadyNAS Duo & SMB 1.0

Hi. I have a ReadyNAS Duo V1 which I have used for backups but due to the SMB 1.0 situation will be replacing it shortly. I also have SONOS S1 which will also not read my music from my Windows 10 PC ...
StephenB's avatar
StephenB
Guru - Experienced User
Aug 13, 2021
ross_fletcher wrote:

My question is, if I block them both from accessing the internet in my Netgear Orbi router, does this prevent my network from being susceptible to the vulnerabilities of SMB 1.0? Or is the presence of any SMB 1.0 enabled device on the network a threat full stop? Many thanks.

Opinions on this will vary, but in my opinion it is safe to run SMB 1 on a home network.  The risks are much greater on a large corporate network.  I still have it enabled on my main NAS, because I also have a media player that needs it.

 

The security issues with SMB 1 are due to the lack of authentication and encryption. The truth is while SMB 3 has both, they often aren't turned on anyway. 

 

As far as internet access goes, your router is already blocking inbound SMB connections to your NAS, and it won't make unsolicited outbound SMB connections unless it is hacked in some other way.  I don't recommend forwarding ports to the NAS - not because it's running SMB 1, but because it hasn't received any security patches in some years.  But I don't think you need to do anything special in the Orbi to block its internet access.

 

 

  • ross_fletcher's avatar
    ross_fletcher
    Aspirant
    Aug 14, 2021

    Many thanks for that. I just thought that since the ReadyNAS Duo does not require internet access then I might just as well block it.

    • StephenB's avatar
      StephenB
      Guru - Experienced User
      Aug 14, 2021
      ross_fletcher wrote:

      I just thought that since the ReadyNAS Duo does not require internet access then I might just as well block it.

      NTP (time sync) does use internet access. You can live without it, but the real time clock will drift (and if the coin battery in the NAS is dead, the clock will be very wrong when the system powers up).  Clock drift depends on a lot of factors, but could be several seconds per day. So you'd need to manually check it, and adjust as needed.

       

      The only other function that uses the internet is check for update, which is no longer relevant.

      • ross_fletcher's avatar
        ross_fletcher
        Aspirant
        Aug 14, 2021

        Thanks again StephenB.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More